public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug c++/44069] New: optimization bug initializing from cast array
@ 2010-05-11 0:00 kraftche at cae dot wisc dot edu
2010-05-11 0:22 ` [Bug c++/44069] " pinskia at gcc dot gnu dot org
` (11 more replies)
0 siblings, 12 replies; 13+ messages in thread
From: kraftche at cae dot wisc dot edu @ 2010-05-11 0:00 UTC (permalink / raw)
To: gcc-bugs
The code below, when compiled with out optimization, produces the expected
result:
% g++ bug.cc -o bug
% ./bug
{1, 2, 3, 4}
{5, 6, 7, 8}
{9, 0, 1, 2}
{3, 4, 5, 6}
When compiled with optimization, it produces garbage for all rows of the matrix
except the first row:
% g++ -O2 bug.cc -o bug
% ./bug
{1, 2, 3, 4}
{3.11042e-317, 2.07381e-317, 4.94066e-323, 2.07372e-317}
{0, 2.07321e-317, 6.92543e-310, 2.07375e-317}
{6.92543e-310, 2.07372e-317, 0, 2.0733e-317}
bug.cc:
#include <iostream>
template <unsigned R, unsigned C>
class M {
public:
M( const double* arr ) {
for (unsigned r = 0; r < R; ++r)
for (unsigned c = 0; c < C; ++c)
m[r*C+c] = arr[r*C+c];
}
double operator()(unsigned r, unsigned c) const
{ return m[r*C+c]; }
private:
double m[R*C];
};
template <unsigned R, unsigned C>
std::ostream& operator<<( std::ostream& str, const M<R,C>& m )
{
for (unsigned r = 0; r < R; ++r) {
str << "{" << m(r,0);
for (unsigned c = 1; c < C; ++c)
str << ", " << m(r,c);
str << "}" << std::endl;
}
return str;
}
int main()
{
double vals[4][4] = { { 1, 2, 3, 4 },
{ 5, 6, 7, 8 },
{ 9, 0, 1, 2 },
{ 3, 4, 5, 6 } };
M<4,4> m( &(vals[0][0]) );
std::cout << m << std::endl;
return 0;
}
--
Summary: optimization bug initializing from cast array
Product: gcc
Version: 4.5.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: c++
AssignedTo: unassigned at gcc dot gnu dot org
ReportedBy: kraftche at cae dot wisc dot edu
GCC build triplet: x86_64-unknown-linux-gnu
GCC host triplet: x86_64-unknown-linux-gnu
GCC target triplet: x86_64-unknown-linux-gnu
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=44069
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug c++/44069] optimization bug initializing from cast array
2010-05-11 0:00 [Bug c++/44069] New: optimization bug initializing from cast array kraftche at cae dot wisc dot edu
@ 2010-05-11 0:22 ` pinskia at gcc dot gnu dot org
2010-05-11 0:29 ` kraftche at cae dot wisc dot edu
` (10 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: pinskia at gcc dot gnu dot org @ 2010-05-11 0:22 UTC (permalink / raw)
To: gcc-bugs
------- Comment #1 from pinskia at gcc dot gnu dot org 2010-05-11 00:22 -------
The problem is that you are reading past the array (vals[0]).
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=44069
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug c++/44069] optimization bug initializing from cast array
2010-05-11 0:00 [Bug c++/44069] New: optimization bug initializing from cast array kraftche at cae dot wisc dot edu
2010-05-11 0:22 ` [Bug c++/44069] " pinskia at gcc dot gnu dot org
@ 2010-05-11 0:29 ` kraftche at cae dot wisc dot edu
2010-05-11 0:44 ` paolo dot carlini at oracle dot com
` (9 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: kraftche at cae dot wisc dot edu @ 2010-05-11 0:29 UTC (permalink / raw)
To: gcc-bugs
------- Comment #2 from kraftche at cae dot wisc dot edu 2010-05-11 00:29 -------
Subject: Re: optimization bug initializing from cast array
On 05/10/2010 07:22 PM, pinskia at gcc dot gnu dot org wrote:
> ------- Comment #1 from pinskia at gcc dot gnu dot org 2010-05-11 00:22 -------
> The problem is that you are reading past the array (vals[0]).
>
>
I don't think that I am. Or rather, I understand that I am reading off
the end of the first row of a 2D array, but not past the end of the
entire 2D array. It is fairly common when combining C and C++ code to
assume things such about the memory layout of an array. For example
that the array rows are consecutive in memory such that reading one
position past the end of the first row of a 2D array is equivalent to
reading the first element of the second row. And it works fine with
without optimization.
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=44069
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug c++/44069] optimization bug initializing from cast array
2010-05-11 0:00 [Bug c++/44069] New: optimization bug initializing from cast array kraftche at cae dot wisc dot edu
2010-05-11 0:22 ` [Bug c++/44069] " pinskia at gcc dot gnu dot org
2010-05-11 0:29 ` kraftche at cae dot wisc dot edu
@ 2010-05-11 0:44 ` paolo dot carlini at oracle dot com
2010-05-11 8:47 ` rguenth at gcc dot gnu dot org
` (8 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: paolo dot carlini at oracle dot com @ 2010-05-11 0:44 UTC (permalink / raw)
To: gcc-bugs
------- Comment #3 from paolo dot carlini at oracle dot com 2010-05-11 00:44 -------
Bah... let's see what Richard thinks. Personally, I would have written it like
this in the first place:
#include <iostream>
template <unsigned R, unsigned C>
class M {
public:
M( const double arr[R][C] ) {
for (unsigned r = 0; r < R; ++r)
for (unsigned c = 0; c < C; ++c)
m[r*C+c] = arr[r][c];
}
double operator()(unsigned r, unsigned c) const
{ return m[r*C+c]; }
private:
double m[R*C];
};
template <unsigned R, unsigned C>
std::ostream& operator<<( std::ostream& str, const M<R,C>& m )
{
for (unsigned r = 0; r < R; ++r) {
str << "{" << m(r,0);
for (unsigned c = 1; c < C; ++c)
str << ", " << m(r,c);
str << "}" << std::endl;
}
return str;
}
int main()
{
double vals[4][4] = { { 1, 2, 3, 4 },
{ 5, 6, 7, 8 },
{ 9, 0, 1, 2 },
{ 3, 4, 5, 6 } };
M<4,4> m( vals );
std::cout << m << std::endl;
return 0;
}
--
paolo dot carlini at oracle dot com changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |rguenth at gcc dot gnu dot
| |org
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=44069
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug c++/44069] optimization bug initializing from cast array
2010-05-11 0:00 [Bug c++/44069] New: optimization bug initializing from cast array kraftche at cae dot wisc dot edu
` (2 preceding siblings ...)
2010-05-11 0:44 ` paolo dot carlini at oracle dot com
@ 2010-05-11 8:47 ` rguenth at gcc dot gnu dot org
2010-05-12 20:16 ` [Bug middle-end/44069] [4.5 Regression] " rguenth at gcc dot gnu dot org
` (7 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: rguenth at gcc dot gnu dot org @ 2010-05-11 8:47 UTC (permalink / raw)
To: gcc-bugs
------- Comment #4 from rguenth at gcc dot gnu dot org 2010-05-11 08:47 -------
I will have a look.
--
rguenth at gcc dot gnu dot org changed:
What |Removed |Added
----------------------------------------------------------------------------
AssignedTo|unassigned at gcc dot gnu |rguenth at gcc dot gnu dot
|dot org |org
Status|UNCONFIRMED |ASSIGNED
Ever Confirmed|0 |1
Last reconfirmed|0000-00-00 00:00:00 |2010-05-11 08:47:26
date| |
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=44069
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug middle-end/44069] [4.5 Regression] optimization bug initializing from cast array
2010-05-11 0:00 [Bug c++/44069] New: optimization bug initializing from cast array kraftche at cae dot wisc dot edu
` (3 preceding siblings ...)
2010-05-11 8:47 ` rguenth at gcc dot gnu dot org
@ 2010-05-12 20:16 ` rguenth at gcc dot gnu dot org
2010-05-14 21:16 ` [Bug middle-end/44069] [4.5/4.6 " rguenth at gcc dot gnu dot org
` (6 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: rguenth at gcc dot gnu dot org @ 2010-05-12 20:16 UTC (permalink / raw)
To: gcc-bugs
------- Comment #5 from rguenth at gcc dot gnu dot org 2010-05-12 20:16 -------
So, the issue is that the loop copying vals to m looks like
<bb 3>:
D.21310_23 = r_22 * 4;
D.21309_25 = D.21310_23 + c_24;
D.21308_26 = (long unsigned int) D.21309_25;
D.21305_29 = vals[0][D.21308_26];
m.m[D.21309_25] = D.21305_29;
c_30 = c_24 + 1;
<bb 4>:
# c_24 = PHI <c_32(7), c_30(3)>
if (c_24 <= 3)
goto <bb 3>;
else
goto <bb 5>;
<bb 5>:
r_31 = r_22 + 1;
<bb 6>:
# r_22 = PHI <0(2), r_31(5)>
if (r_22 <= 3)
goto <bb 7>;
else
goto <bb 8>;
<bb 7>:
# c_32 = PHI <0(6)>
goto <bb 4>;
where vals[0][D.21308_26] does not represent a use of vals[i][j] with
i > 0. This is because get_ref_base_and_extent restricts the valid
extent of D.21308_26 to 3. Note that the issue is exposed by
re-constructing an array-reference from the pointer access in the
inlined constructor. After inlining into main() we have
<bb 3>:
D.21310_23 = r_22 * 4;
D.21309_25 = D.21310_23 + c_24;
D.21308_26 = (long unsigned int) D.21309_25;
D.21307_27 = D.21308_26 * 8;
D.21306_28 = &vals[0][D.21308_26];
D.21305_29 = *D.21306_28;
m.m[D.21309_25] = D.21305_29;
c_30 = c_24 + 1;
from the non-inlined variant
<bb 4>:
D.21286_7 = r_1 * 4;
D.21287_8 = D.21286_7 + c_2;
D.21286_9 = r_1 * 4;
D.21287_10 = D.21286_9 + c_2;
D.21288_11 = (long unsigned int) D.21287_10;
D.21289_12 = D.21288_11 * 8;
D.21290_14 = arr_13(D) + D.21289_12;
D.21291_15 = *D.21290_14;
this_16(D)->m[D.21287_10] = D.21291_15;
c_17 = c_2 + 1;
--
rguenth at gcc dot gnu dot org changed:
What |Removed |Added
----------------------------------------------------------------------------
Component|c++ |middle-end
Keywords| |wrong-code
Summary|optimization bug |[4.5 Regression]
|initializing from cast array|optimization bug
| |initializing from cast array
Target Milestone|--- |4.5.1
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=44069
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug middle-end/44069] [4.5/4.6 Regression] optimization bug initializing from cast array
2010-05-11 0:00 [Bug c++/44069] New: optimization bug initializing from cast array kraftche at cae dot wisc dot edu
` (4 preceding siblings ...)
2010-05-12 20:16 ` [Bug middle-end/44069] [4.5 Regression] " rguenth at gcc dot gnu dot org
@ 2010-05-14 21:16 ` rguenth at gcc dot gnu dot org
2010-05-14 21:28 ` rguenth at gcc dot gnu dot org
` (5 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: rguenth at gcc dot gnu dot org @ 2010-05-14 21:16 UTC (permalink / raw)
To: gcc-bugs
------- Comment #6 from rguenth at gcc dot gnu dot org 2010-05-14 21:16 -------
We fold
D.1794_14 = D.1795_13 * 4;
D.1793_15 = &vals[0][0] + D.1794_14;
to &vals[0][D.1795_13]
Now we can either avoid doing this kind of foldings or we need to be more
careful when analyzing the result in the oracle.
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=44069
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug middle-end/44069] [4.5/4.6 Regression] optimization bug initializing from cast array
2010-05-11 0:00 [Bug c++/44069] New: optimization bug initializing from cast array kraftche at cae dot wisc dot edu
` (5 preceding siblings ...)
2010-05-14 21:16 ` [Bug middle-end/44069] [4.5/4.6 " rguenth at gcc dot gnu dot org
@ 2010-05-14 21:28 ` rguenth at gcc dot gnu dot org
2010-05-19 12:59 ` rguenth at gcc dot gnu dot org
` (4 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: rguenth at gcc dot gnu dot org @ 2010-05-14 21:28 UTC (permalink / raw)
To: gcc-bugs
------- Comment #7 from rguenth at gcc dot gnu dot org 2010-05-14 21:28 -------
More reduced testcase:
template <unsigned R, unsigned C>
class M {
public:
M(const int* arr) {
for (unsigned long r = 0; r < R; ++r)
for (unsigned long c = 0; c < C; ++c)
m[r*C+c] = arr[r*C+c];
}
int operator()(unsigned r, unsigned c) const
{ return m[r*C+c]; }
private:
int m[R*C];
};
extern "C" void abort (void);
int main()
{
int vals[2][2] = { { 1, 2 }, { 5, 6 } };
M<2,2> m( &(vals[0][0]) );
if (m(1,0) != 5)
abort ();
return 0;
}
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=44069
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug middle-end/44069] [4.5/4.6 Regression] optimization bug initializing from cast array
2010-05-11 0:00 [Bug c++/44069] New: optimization bug initializing from cast array kraftche at cae dot wisc dot edu
` (6 preceding siblings ...)
2010-05-14 21:28 ` rguenth at gcc dot gnu dot org
@ 2010-05-19 12:59 ` rguenth at gcc dot gnu dot org
2010-05-25 15:50 ` rguenth at gcc dot gnu dot org
` (3 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: rguenth at gcc dot gnu dot org @ 2010-05-19 12:59 UTC (permalink / raw)
To: gcc-bugs
--
rguenth at gcc dot gnu dot org changed:
What |Removed |Added
----------------------------------------------------------------------------
Priority|P3 |P2
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=44069
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug middle-end/44069] [4.5/4.6 Regression] optimization bug initializing from cast array
2010-05-11 0:00 [Bug c++/44069] New: optimization bug initializing from cast array kraftche at cae dot wisc dot edu
` (7 preceding siblings ...)
2010-05-19 12:59 ` rguenth at gcc dot gnu dot org
@ 2010-05-25 15:50 ` rguenth at gcc dot gnu dot org
2010-05-25 15:53 ` [Bug middle-end/44069] [4.5 " rguenth at gcc dot gnu dot org
` (2 subsequent siblings)
11 siblings, 0 replies; 13+ messages in thread
From: rguenth at gcc dot gnu dot org @ 2010-05-25 15:50 UTC (permalink / raw)
To: gcc-bugs
------- Comment #8 from rguenth at gcc dot gnu dot org 2010-05-25 15:50 -------
Subject: Bug 44069
Author: rguenth
Date: Tue May 25 15:49:34 2010
New Revision: 159824
URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=159824
Log:
2010-05-25 Richard Guenther <rguenther@suse.de>
PR middle-end/44069
* gimple-fold.c (maybe_fold_stmt_addition): Avoid generating
out-of-bounds array accesses.
* g++.dg/torture/pr44069.C: New testcase.
Added:
trunk/gcc/testsuite/g++.dg/torture/pr44069.C
Modified:
trunk/gcc/ChangeLog
trunk/gcc/gimple-fold.c
trunk/gcc/testsuite/ChangeLog
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=44069
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug middle-end/44069] [4.5 Regression] optimization bug initializing from cast array
2010-05-11 0:00 [Bug c++/44069] New: optimization bug initializing from cast array kraftche at cae dot wisc dot edu
` (8 preceding siblings ...)
2010-05-25 15:50 ` rguenth at gcc dot gnu dot org
@ 2010-05-25 15:53 ` rguenth at gcc dot gnu dot org
2010-05-26 11:45 ` rguenth at gcc dot gnu dot org
2010-05-26 11:46 ` rguenth at gcc dot gnu dot org
11 siblings, 0 replies; 13+ messages in thread
From: rguenth at gcc dot gnu dot org @ 2010-05-25 15:53 UTC (permalink / raw)
To: gcc-bugs
------- Comment #9 from rguenth at gcc dot gnu dot org 2010-05-25 15:53 -------
Fixed for 4.6 sofar.
--
rguenth at gcc dot gnu dot org changed:
What |Removed |Added
----------------------------------------------------------------------------
Known to work| |4.6.0
Summary|[4.5/4.6 Regression] |[4.5 Regression]
|optimization bug |optimization bug
|initializing from cast array|initializing from cast array
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=44069
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug middle-end/44069] [4.5 Regression] optimization bug initializing from cast array
2010-05-11 0:00 [Bug c++/44069] New: optimization bug initializing from cast array kraftche at cae dot wisc dot edu
` (9 preceding siblings ...)
2010-05-25 15:53 ` [Bug middle-end/44069] [4.5 " rguenth at gcc dot gnu dot org
@ 2010-05-26 11:45 ` rguenth at gcc dot gnu dot org
2010-05-26 11:46 ` rguenth at gcc dot gnu dot org
11 siblings, 0 replies; 13+ messages in thread
From: rguenth at gcc dot gnu dot org @ 2010-05-26 11:45 UTC (permalink / raw)
To: gcc-bugs
------- Comment #10 from rguenth at gcc dot gnu dot org 2010-05-26 11:44 -------
Subject: Bug 44069
Author: rguenth
Date: Wed May 26 11:44:44 2010
New Revision: 159865
URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=159865
Log:
2010-05-26 Richard Guenther <rguenther@suse.de>
PR middle-end/44069
* tree-ssa-ccp.c (maybe_fold_stmt_addition): Avoid generating
out-of-bounds array accesses.
* g++.dg/torture/pr44069.C: New testcase.
Added:
branches/gcc-4_5-branch/gcc/testsuite/g++.dg/torture/pr44069.C
Modified:
branches/gcc-4_5-branch/gcc/ChangeLog
branches/gcc-4_5-branch/gcc/testsuite/ChangeLog
branches/gcc-4_5-branch/gcc/tree-ssa-ccp.c
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=44069
^ permalink raw reply [flat|nested] 13+ messages in thread
* [Bug middle-end/44069] [4.5 Regression] optimization bug initializing from cast array
2010-05-11 0:00 [Bug c++/44069] New: optimization bug initializing from cast array kraftche at cae dot wisc dot edu
` (10 preceding siblings ...)
2010-05-26 11:45 ` rguenth at gcc dot gnu dot org
@ 2010-05-26 11:46 ` rguenth at gcc dot gnu dot org
11 siblings, 0 replies; 13+ messages in thread
From: rguenth at gcc dot gnu dot org @ 2010-05-26 11:46 UTC (permalink / raw)
To: gcc-bugs
------- Comment #11 from rguenth at gcc dot gnu dot org 2010-05-26 11:46 -------
Fixed.
--
rguenth at gcc dot gnu dot org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|ASSIGNED |RESOLVED
Known to fail| |4.5.0
Known to work|4.6.0 |4.5.1 4.6.0
Resolution| |FIXED
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=44069
^ permalink raw reply [flat|nested] 13+ messages in thread
end of thread, other threads:[~2010-05-26 11:46 UTC | newest]
Thread overview: 13+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2010-05-11 0:00 [Bug c++/44069] New: optimization bug initializing from cast array kraftche at cae dot wisc dot edu
2010-05-11 0:22 ` [Bug c++/44069] " pinskia at gcc dot gnu dot org
2010-05-11 0:29 ` kraftche at cae dot wisc dot edu
2010-05-11 0:44 ` paolo dot carlini at oracle dot com
2010-05-11 8:47 ` rguenth at gcc dot gnu dot org
2010-05-12 20:16 ` [Bug middle-end/44069] [4.5 Regression] " rguenth at gcc dot gnu dot org
2010-05-14 21:16 ` [Bug middle-end/44069] [4.5/4.6 " rguenth at gcc dot gnu dot org
2010-05-14 21:28 ` rguenth at gcc dot gnu dot org
2010-05-19 12:59 ` rguenth at gcc dot gnu dot org
2010-05-25 15:50 ` rguenth at gcc dot gnu dot org
2010-05-25 15:53 ` [Bug middle-end/44069] [4.5 " rguenth at gcc dot gnu dot org
2010-05-26 11:45 ` rguenth at gcc dot gnu dot org
2010-05-26 11:46 ` rguenth at gcc dot gnu dot org
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).